summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatthieu Saulnier <fantom@fedoraproject.org>2018-01-22 06:10:59 +0100
committerMatthieu Saulnier <fantom@fedoraproject.org>2018-01-22 06:10:59 +0100
commit9f253f64071201fc09a59f4626a3d6e2595042f5 (patch)
treecd82b4018d30a6b682525f4c570bb1dcc7c76c40
parent83b454cd494515dd32595087fc90cce3ffc989d6 (diff)
downloadplaybooks-ansible-9f253f64071201fc09a59f4626a3d6e2595042f5.zip
playbooks-ansible-9f253f64071201fc09a59f4626a3d6e2595042f5.tar.gz
playbooks-ansible-9f253f64071201fc09a59f4626a3d6e2595042f5.tar.xz
Add CA and CRL specific path for daemons
-rw-r--r--roles/common/files/crt-crl.pem29
-rw-r--r--roles/common/tasks/ca.yml12
2 files changed, 41 insertions, 0 deletions
diff --git a/roles/common/files/crt-crl.pem b/roles/common/files/crt-crl.pem
new file mode 100644
index 0000000..86314cf
--- /dev/null
+++ b/roles/common/files/crt-crl.pem
@@ -0,0 +1,29 @@
+-----BEGIN X509 CRL-----
+MIIE6TCCAtECAQEwDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNVBAYTAkZSMRYwFAYD
+VQQIEw1JbGUtZGUtRnJhbmNlMQ0wCwYDVQQHEwRFdnJ5MRowGAYDVQQKExFNYXR0
+aGlldSBTYXVsbmllcjEiMCAGA1UEAxMZTWF0dGhpZXUgU2F1bG5pZXIgUm9vdCBD
+QTEnMCUGCSqGSIb3DQEJARYYZmFudG9tQGZlZG9yYXByb2plY3Qub3JnFw0xODAx
+MDMxNTMyMjZaFw0xOTAxMDMxNTMyMjZaMIIBFjAgAgEFFw0xMzExMDYwMDM5NDda
+MAwwCgYDVR0VBAMKAQAwIAIBBhcNMTMxMTA2MDA0ODA0WjAMMAoGA1UdFQQDCgEA
+MCACAQcXDTE0MDMxOTE3MzQzOFowDDAKBgNVHRUEAwoBADAgAgEIFw0xNDAzMTkx
+NzQyNDZaMAwwCgYDVR0VBAMKAQAwIAIBCRcNMTQwMzIwMjMwMTU5WjAMMAoGA1Ud
+FQQDCgEAMBICAQoXDTE1MDMyOTE0MzM1MVowIAIBDBcNMTQwNDEwMDgxNjMxWjAM
+MAoGA1UdFQQDCgEAMCACAQ4XDTE1MDQwNjE1MDIzN1owDDAKBgNVHRUEAwoBADAS
+AgEPFw0xNDEyMTMyMTEzMzZaoIHkMIHhMIHSBgNVHSMEgcowgceAFAWQm79COOPA
+2u1HgQ9iObnui/hgoYGjpIGgMIGdMQswCQYDVQQGEwJGUjEWMBQGA1UECBMNSWxl
+LWRlLUZyYW5jZTENMAsGA1UEBxMERXZyeTEaMBgGA1UEChMRTWF0dGhpZXUgU2F1
+bG5pZXIxIjAgBgNVBAMTGU1hdHRoaWV1IFNhdWxuaWVyIFJvb3QgQ0ExJzAlBgkq
+hkiG9w0BCQEWGGZhbnRvbUBmZWRvcmFwcm9qZWN0Lm9yZ4IJAPh0szidm4XLMAoG
+A1UdFAQDAgEJMA0GCSqGSIb3DQEBCwUAA4ICAQBhnYcqUT0DHNFyQ7xLz5ndcNSL
+ImYL1Yo5PK7Q6VFOJEMT1LYKWx1UBDDwMuNI9zZLsWliYvaTNMC8M7HvJRXmAqDU
+Xkmk44Bj/sjCUSHCAWXL+hcMZGjpPjBfPVEEAqZJ6xkffwq2KS0MwtYV7AHssMNy
+xmLIdnjG0dKsvWCAm1HfZyoSx8QUzCSKLeA9agFBbCVX7W8fCib2J+qMVWybvBS7
+l4QI+MZxGL+fFW13lHQf1IWIsqdGyfjGh7O1urodDQLqCBHEZbvyqt63dNpjZgQF
+J8xai8qQjgJaya2ZntrMh1bjSJ1mzfXWpqSr00svCm1Q8Slc22hKeR33djSCgQFv
+iJZZt0cUzCIOzz4T4OeYBLpY10QaRPQSktKKjtkbxniIPQYsSSphQKkgs+CyqPIx
+mVREhVtvBUx4X0Ko1CtsDqL7h2cng2qIHcWyjF6fm/Eg4lDDlPbTcK3DaUmKKzs8
+b/l8COGFboP3zgUjcxAXW/OpubUWVL+viegQVyMAwnb2i57DfQZyqUOYr6PeamJq
+/A0lytU92VtPUxbqCjzmP40oczCFeSZGTFIBgdpAn5koILrvnuEYGmYXKvptvj2K
+0sv5ktz58cW71OqqDVCjetIqk0UO4EcgNd6mpHEZ6+RdpgmNyNZqZvsiAowx91Wt
+X+Ih0pQip2X7s72qNw==
+-----END X509 CRL-----
diff --git a/roles/common/tasks/ca.yml b/roles/common/tasks/ca.yml
index 2bf0e0d..6c9b02c 100644
--- a/roles/common/tasks/ca.yml
+++ b/roles/common/tasks/ca.yml
@@ -6,3 +6,15 @@
- name: Mise à jour de la base de confiance CA
command: /usr/bin/update-ca-trust
+
+- name: Installation CA personnel pour applis serveur
+ copy:
+ src: root.pem
+ dest: /etc/pki/tls/certs/mon-ca.crt
+ mode: 0444
+
+- name: Installation et renouvellement de la CRL
+ copy:
+ src: crt-crl.pem
+ dest: /etc/pki/tls/certs/crt-crl.pem
+ mode: 0444